Product changelog

Appearance

April 17, 2026 — Backend

Release date: Friday, April 17, 2026

Summary

Backend work delivered admin and IAM (roles, permissions, user lifecycle, /auth/me), building inspection lifecycle and assign-inspector routing, a Prisma migration moving building enums to English labels with DTO and OpenAPI alignment, and comment threads gated on building.view with author context on responses. Permission and route renames need coordinated client and seed updates.

Shipped

  • Admin & auth: Roles and permissions APIs, user management, User.deletedAt soft delete, GET /auth/me, permissions on /me, permission renames (permissions.manage, user.manage, inspection assign vs add).
  • Inspections: Active/history lifecycle; routes renamed toward assign-inspector; inspection permission semantics updated with migration.
  • Building domain: English Prisma enums; DTO and inspection alignment; OpenAPI and guides refreshed.
  • Comments: building.view required on threads; author on thread payloads.
  • Docs & tooling: OpenAPI and REST examples synced; audit timeline planning notes; weekly-commit-summary Cursor skill; OpenAPI meta timestamp refresh.

Engineering (commit recap)

Backend — week of April 13 – April 17, 2026

Window: after 2026-04-12 23:59:59, before 2026-04-18 00:00:00 (--no-merges).

Summary

Admin and identity expanded (user/role/permission APIs, soft delete, current user). Building inspections gained lifecycle and assign-oriented routes. Enums moved to English across Prisma, DTOs, and docs—a breaking change for string consumers. Comments tightened authorization and payloads. OpenAPI and internal docs tracked each shift.

Themes

  • Admin, auth, IAM: GET /auth/me; permissions on /me; roles listing; user/role management APIs; User.deletedAt; renames toward permissions.manage, user.manage, inspection assign permission.
  • Building inspections: Active vs history lifecycle; assign-inspector route naming; permission rename from add to assign.
  • Prisma & building API: Migration of building enums to English; DTO and inspection alignment; OpenAPI and building guides updated.
  • Comments: Require building.view; return author on threads; OpenAPI and REST client examples synced.
  • Documentation & plans: Admin users/roles docs; audit timeline plan; polymorphic root context note for timelines.
  • Tooling: Weekly-commit-summary skill; generated OpenAPI generatedAt refresh.

Notable fixes or risks (if any)

  • Clients and seeds: Enum strings and permission keys changed—regenerate clients and update hard-coded values.
  • Migrations: English enum migration must run cleanly per environment; validate integrations that depended on old labels.
  • Soft delete: User visibility semantics changed; callers should follow API contracts rather than assuming all rows are “active”.